2

I have been playing around with this library, which is absolutely awesome. I was testing it and I think there's a problem when a non activated User tries to log in. I was just wondering if any of you noticed this already? What happens is that the User is redirected to the send_again page, but once there, we are not able to change the url to any other location anymore. I am guessing that this happens because of the session info that is not destroyed - in the login function :

elseif ($this->tank_auth->is_logged_in(FALSE)) {
// logged in, not activated
redirect('/auth/send_again/');

this gets executed all the time (unless we force a logout). Does anybody knows how to fix this? Thanks!

Ricardo
  • 21
  • 2

3 Answers3

1

try to remove the redirect value on \controllers\auth.php function login and find this :

elseif (isset($errors['not_activated'])) {              
redirect('');//auth/send_again/ 
}

send_again function will always be called when you are not activated user. So, to pass the send_again function you just need to delete redirect value

if you want to activate email activation you need to configure email.php on config folder

Gery
  • 573
  • 4
  • 18
1

I found this bug to on a client's site. Forcing a logout seems to fix it. So, I put a forced logout in the function resend function, just after it sends the activation link.

The working code looks like this in application/controllers/auth.php

    function send_again()
    {
    if (!$this->tank_auth->is_logged_in(FALSE)) {                           // not logged in or activated
        redirect('/auth/login/');

    } else {
        $this->form_validation->set_rules('email', 'Email', 'trim|required|xss_clean|valid_email');

        $data['errors'] = array();

        if ($this->form_validation->run()) {                                // validation ok
            if (!is_null($data = $this->tank_auth->change_email(
                    $this->form_validation->set_value('email')))) {         // success

                $data['site_name']  = $this->config->item('website_name', 'tank_auth');
                $data['activation_period'] = $this->config->item('email_activation_expire', 'tank_auth') / 3600;

                $this->_send_email('activate', $data['email'], $data);

                $this->_display_message(sprintf($this->lang->line('auth_message_activation_email_sent'), $data['email']));

                /* 
                 * Force a logout here or tank_auth remains 
                 * stuck in the resend mode.
                 */ 
                $this->tank_auth->logout();

            } else {
                $errors = $this->tank_auth->get_error_message();
                foreach ($errors as $k => $v)   $data['errors'][$k] = $this->lang->line($v);
            }
.....

As far as I can tell, this is just hack, but it solved the problem for me. I don't know if the creator of this site changed anything or not in the tank_auth actions.

I hope it works for others.

ndasusers
  • 727
  • 6
  • 12
0

hey this has always worked for me:

if( !$this->tank_auth->is_logged_in() ){
   // not logged in
} else {
   // logged in
}

notice the bang in the condition

Matt Ryan
  • 1,717
  • 2
  • 20
  • 30